Devices are increasingly becoming network connected by persistent, regular, intermittent or occasional connection to computer networks or network connected servers for communication with clients, servers, each other, publication of information, data collection, data capture or other purposes. This trend has been described as developing an “internet of things” (IoT) in which devices of many potentially disparate kinds and purposes are network connected, including, inter alia: domestic appliances and equipment; utility supply and control apparatus such as energy supply and control; commercial machinery and plant; vehicles; sensors and detectors; lighting; heating; media devices including audio and video; medical devices; learning aids; timepieces; data storage devices; food preparation and storage devices; agricultural apparatus; human and animal monitoring devices; personal possessions; articles of fashion including clothing and footwear; roadside apparatus such as traffic monitors; street furniture; distributed computing or other processing devices; and many other devices and apparatus as will be apparent to those skilled in the art. The motivation for network connection of such devices can be varied including, for example: a desire to share information about a state, configuration, presence, environment, locality or arrangement of a device; communication of events, alerts, states or state changes relating to a device; for multiple devices to collaborate, coexist, cooperate, communicate or the like; to generate sensory output for subsequent consumption, recording or the like; for control of devices such as by network configuration, control, installation, modification, operation and the like; and many other purposes as will be apparent to those skilled in the art.
Notably, a network connection for any or all such devices may not be constant or persistent, in the sense that a network connection can be provided or obtained only occasionally for the purpose sending and/or receiving data. Alternatively, some devices may be network connected by proxy through a network connected other device such as a hub, server, agent or the like with such connection to the other device itself being potentially non-permanent or non-persistent. For example, some devices may be suitable for connection to a proxy or agent such as by a proximity network technology such as a Bluetooth, local wireless or short-range radio network. In such embodiments the proxy or agent may not be permanently located so as to engage in communication with all devices and may instead move or be relocated periodically or as required to communicate with devices to provide a network connection or even to receive data for transmission to the network and send data for receipt from the network by the device, such actual transmissions taking place later when such proxy or agent is itself network connected. Despite the absence of permanent and/or persistent network connections for such devices, they shall nonetheless be considered “network connected” for the purpose of the present description.
A benefit of network connection for devices is the opportunity for devices to be reprogrammed, reconfigured, adapted, supplemented, modified, updated and/or revised based on data received via the network. For example, a function of a particular network connected device can be embodied in software such as a software application for execution by the network connected device. Such software can be revised or replaced by communicating new or updated software via the network. A common example of this is a firmware for a device, updates for which can be received via a network.
Each network connected device presents a potential vulnerability to a network and other devices connected thereto which malicious agents or entities might seek to exploit for malicious purposes. For example, network connected devices can be subject to spoofing, unauthorized access, unauthorized modification and/or unauthorized use. Such network connected devices can be furnished with little processing resource (so as to reduce manufacturing and operating costs, for example) and traditional security mechanisms such as intrusion detection services, antimalware services, firewalls and antivirus services may be difficult to accommodate for or by the device without unduly impacting the limited resource of the device or other operation of the device or may simply be too costly in view of the value or cost of the device. Additionally, the nature of some network connected devices can render them unable or ill-equipped to authenticate themselves to a network or other network connected entity, such as due to limitations of resource of the device or due to the economics of providing such facilities for very large numbers of such devices. Accordingly, the nature of network connected devices and their operation can mean that communications and communicating entities are essentially untrusted and certainty in the reliability and appropriateness of received data is not assured.
Consequently, a range of challenges for network connected devices arise. For example, devices receiving executable code via a network cannot readily confirm that received code is trusted and that the code is intended for the device. While code can be hashed and/or signed such mechanisms can be vulnerability to spoofing or other threats, especially in a network subject to potential interception, intermediary insertion and the like. For example, data and an accompanying hash communicated by an originating server can be intercepted and replaced with a new valid hash. Thus hashing and signing of communications payloads can be made to look genuine and/or can be difficult for a receiving entity to verify especially where multiple intermediate distribution components are involved in a distribution network. It would therefore be advantageous to address these challenges.